The Market Conduct Annual Statement (MCAS) is one of the most important regulatory reporting requirements health plans face each year. Administered by the National Association of Insurance Commissioners (NAIC), MCAS is designed to help regulators monitor trends in claims, complaints, financials, and operational practices across issuing organizations.
In this episode of Regulatory Joe, we’re breaking down the fundamentals of MCAS and what health plans can do to stay prepared.
MCAS Basics for Health Plan Compliance
The MCAS is an annual NAIC data call issued to insurance carriers—including ACA health plans—to collect standardized information across critical operational areas. While MCAS applies to many types of issuers, the core focus for health plans typically includes:
- Claims activity
- Member complaints (direct or via state ombudsmen)
- Financial reporting
- Membership data
- Policies, procedures, and documented business operations
Not every carrier receives an MCAS call letter each year. Regulators identify thresholds based on industry trends—such as shifts in claim volume or complaint activity—and use those benchmarks to determine which organizations must participate in the upcoming cycle.
Once selected, plans must submit detailed responses through the NAIC MCAS portal, using standardized templates that require precise data mapping, consistency and validation.
How the MCAS Submission Process Works for Health Plans
Each annual MCAS cycle follows a predictable timeline—but the volume and complexity of the request can overwhelm even well-resourced compliance teams.
Call letters are typically released in December. From there, health plans have six to seven months to compile data, validate it and submit through the NAIC portal. Each call letter includes dozens of questions across multiple operational functions—and many require current, version-controlled business policies and procedures, financial documentation, membership detail and granular claims subsets.
Because MCAS templates include built-in validation checks, incorrect mapping or inconsistent formatting can lead to rejected files or regulator follow-ups. Understanding where data lives across warehouses, systems and departments—and ensuring alignment across all sources—is a foundational best practice.
How Regulators Use MCAS Data: Outliers, Benchmarks, and Exam Triggers
Once MCAS data is submitted, regulators compare each filing to benchmark thresholds for their state. These thresholds help pinpoint outliers—patterns that fall outside expected ranges.
Potential outlier categories include:
- High claims volume
- Elevated complaint counts
- Unusual utilization trends
- Financial reporting anomalies
- Inadequate policies or outdated procedures
If regulators identify outliers, those areas receive heightened scrutiny. In some cases, an outlier review escalates to a formal market conduct exam.
A formal exam typically begins with a request for two calendar years of historical MCAS data. From there, regulators conduct deeper reviews across additional areas such as utilization management, care management, product and benefit operations and expanded documentation requirements.
Plans should expect multiple rounds of follow-up questions on any flagged item. These exams require tight cross-functional coordination and clear ownership to manage effectively.
How Health Plans Should Prepare for MCAS: Practical Recommendations
- Establish ongoing MCAS readiness processes: Quarterly reviews of claims ratios, complaint patterns, financial trends and system configuration issues can help identify outliers early and prevent surprises during a formal audit.
- Strengthen documentation across the organization: Outdated or missing policies and procedures are common friction points during MCAS. Keeping workflows documented, current and version-controlled reduces the risk of incomplete submissions.
- Assign a dedicated MCAS project lead: Whether internal or external, a single accountable owner ensures version control, cross-functional coordination and on-time submissions—while preventing incorrect file uploads, one of the top triggers for regulator follow-ups.
- Modernize technology supporting regulatory filings:Centralized repositories for regulatory submissions like MCAS can help prevent versioning issues, support collaboration and create a defensible audit trail if regulators request additional detail.
MCAS is a clear window into how effectively a health plan manages operations, documentation and data integrity. By treating MCAS readiness as an ongoing operational function rather than an annual scramble, issuers can reduce audit risk, avoid costly examination cycles and strengthen their long-term compliance posture.
